Using nsupdate to update your zone file
First, generate a key pair:
dnssec-keygen -a HMAC-MD5 -b 256 -n USER office_nsupdate
This gives you a public key file and a private key file. HMAC-MD5 is a shared-secret algorithm, so both files carry the same Key value:
Koffice_nsupdate.+157+19242.key
office_update. IN KEY 0 3 157 XV+sPF8htxUzFZO05IZ0aQL0ioymr09koCdGBERycR4=
Koffice_nsupdate.+157+19242.private
Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: XV+sPF8htxUzFZO05IZ0aQL0ioymr09koCdGBERycR4=
Bits: AAA=
Created: 20110910050807
Publish: 20110910050807
Activate: 20110910050807
Adding public key to DNS server
named.conf
key office_nsupdate {
algorithm HMAC-MD5;
secret "XV+sPF8htxUzFZO05IZ0aQL0ioymr09koCdGBERycR4=";
};
zone "mydomain.tld" {
type master;
file "data/mydomain.tld";
allow-update {
key office_nsupdate;
};
};
Running nsupdate on client machine
Prepare an update script, dns_update:
server 9.8.7.6
zone mydomain.tld
update delete sl61.mydomain.tld. A
update add sl61.mydomain.tld. 3600 A 1.2.3.4
show
send
Run the script with nsupdate
nsupdate -d -yoffice_nsupdate:XV+sPF8htxUzFZO05IZ0aQL0ioymr09koCdGBERycR4= dns_update
Check record on server
If a journal file was not created before, a new one will be created. Syslog should tell you so:
Sep 7 14:19:28 nfshome named[13358]: client 1.2.3.4#63693: view internal: updating zone 'mydomain.tld/IN': adding an RR at 'sl61.mydomain.tld' A
Sep 7 14:19:28 nfshome named[13358]: journal file data/mydomain.tld.jnl does not exist, creating it
Integrate script with dhclient
Create a script: /etc/dhcp/dhclient.d/nsupdate.sh
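#!/bin/bash
# Register this host's current address in DNS with a TSIG-signed dynamic update.
TTL=3600
SERVER="8.7.6.5"
# DNS domain of this host, used as the zone to update
ZONE=$(hostname -d)
HOSTNAME=$(hostname)
# Address taken from field 9 of the first default route line
IP=$(ip route show default | head -1 | awk '{print $9}')
# TSIG key in name:secret form
KEY="office_nsupdate:XV+sPF8htxUzFZO05IZ0aQL0ioymr09koCdGBERycR4="
nsupdate -d -y "$KEY" << EOF
server $SERVER
zone $ZONE.
update delete $HOSTNAME. A
update add $HOSTNAME. $TTL A $IP
show
send
EOF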
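The dhclient script above passes the TSIG secret with -y, which puts it on the nsupdate command line, and it feeds the hostname and the awk-derived address into the update unchecked. The following is an added example, not part of the original page: a variant that reads the key with nsupdate -k from a file only its owner can access, and refuses to send when the address, TTL or name is malformed or the name lies outside the zone. The function names and the key file path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: function names and the key file path are assumptions.

# True only if the key file exists and group/other have no permissions on it.
key_file_ok() {
    [ -f "$1" ] && [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# True only for a dotted-quad IPv4 address with each octet in 0..255.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the nsupdate commands for: server zone fqdn ttl ip.
# Fails, printing nothing, if the address or TTL is malformed or the
# name contains unexpected characters or does not sit inside the zone.
build_update() {
    valid_ipv4 "$5" || return 1
    case $4 in ''|*[!0-9]*) return 1 ;; esac
    case $2 in ''|.*|*[!A-Za-z0-9.-]*) return 1 ;; esac
    case $3 in
        .*|*[!A-Za-z0-9.-]*) return 1 ;;
        *".$2") ;;
        *) return 1 ;;
    esac
    printf 'server %s\nzone %s.\nupdate delete %s. A\nupdate add %s. %s A %s\nsend\n' \
        "$1" "$2" "$3" "$3" "$4" "$5"
}

# Send the update, reading the TSIG key from a file (-k) instead of -y.
send_update() {
    keyfile=$1; shift
    key_file_ok "$keyfile" || { echo "refusing key file: $keyfile" >&2; return 1; }
    cmds=$(build_update "$@") || { echo "refusing update: $*" >&2; return 1; }
    printf '%s\n' "$cmds" | nsupdate -k "$keyfile"
}

# Usage (constructed values; the key file path is hypothetical):
# send_update /etc/dhcp/Koffice_nsupdate.+157+19242.private \
#     8.7.6.5 mydomain.tld sl61.mydomain.tld 3600 1.2.3.4
```

With a key generated by dnssec-keygen, keep the .key file beside the .private file that is passed to -k.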